package com.hns.frame.security;

import java.util.Collection;

import org.springframework.security.access.AccessDecisionVoter;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
/**
 * 权限表决器
 * @author:Fisher
 * @email:zhuangcaijin@126.com
 * @version Revision 2.0.0
 */
public class AppAccessDecisionVoter implements AccessDecisionVoter<Object> {  
    public boolean supports(ConfigAttribute attribute) {  
        return true;  
    }  
    public boolean supports(Class<?> clazz) {  
        return true;  
    }
    /**
     * 表决器
     * @param authentication 身份认证对象
     * @param object    
     * @param attributes    权限集合
     * @return  是否认证成功
     * @see org.springframework.security.access.AccessDecisionVoter#vote(org.springframework.security.core.Authentication, java.lang.Object, java.util.Collection)
     * @author:Fisher
     * @email:zhuangcaijin@126.com
     */
    public int vote(Authentication authentication, Object object, Collection<ConfigAttribute> attributes) {  
        int result = ACCESS_DENIED;  
        for (ConfigAttribute attribute : attributes) {//可访问该页面的角色  
            for (GrantedAuthority authority : authentication.getAuthorities()) {//登录用户具备的角色  
                 if (attribute.getAttribute().equals(authority.getAuthority())) {//判断用户是否具有相应角色  
                     return ACCESS_GRANTED;  
                 }  
            }  
        }  
        return result;  
    }  
}
